OpenID Fan Club Is Shrinking
A.B. VerHausen writes "Even though there's a whole new Web site devoted to understanding and using OpenID, some companies are dropping the login method altogether. OStatic is reporting that the 'free Web site network Wetpaint announced recently that it will no longer support OpenID as a login option for its wiki, citing low usage and high support costs as reasons.' Apparently, fewer than 200 registered users bothered with OpenID, and the extra QA and development time doesn't make it worthwhile to support. This can't come as welcome news on top of the internal issues the article mentions the OpenID Foundation is having now, too." I've actually been quite happy with OpenID, since I have spawned far too many username/password pairs over the last 20-plus years, but it's a major chicken-and-egg problem. Hopefully someone out there will build a better mousetrap ...
You already have all your eggs in one basket. Virtually all online sites will send you new passwords by e-mail if you forget them. If your e-mail account gets compromised, an attacker can request and intercept new passwords for any online site he wants to access.
Rather than trust an external site with all my security, I use a tool called 1Password for Macintosh (there is a similar tool for Windows) that secures my passwords in one place and protects them with a single master password.
Rather than trust an external site with my security, I use OpenID on my home server that secures my single password in one place and never distributes any of my login information to other servers.
Dewey, what part of this looks like authorities should be involved?
It's because everybody wants to be a provider (so they get all your valuable information from you, as well as your surfing habits from other web sites that use OpenID when you sign on using your ID), but pretty much nobody wants to just accept an OpenID login (as they wind up just sending valuable information to another company with no direct benefit to themselves [and they could care less about the customer's convenience]).
Sleep your way to a whiter smile...date a dentist!
Frankly, I don't trust other computers. I try my best not to log on to online services when I'm not using a trusted computer.
I'm sure as hell not going to plug a USB drive with my password database into an untrusted computer.
And this is exactly why OpenID never caught on. You implemented it the only way it makes sense. For the vast majority of people this is too much. For companies requiring a login, they garner no information about who is visiting their site so they have no incentive.
The combination of the two means no one wants to accept OpenID and it is too painful to truly use securely. Whereby securely means, no user information released.